forked from TrueCloudLab/lego
dnsimple: Upgrade client to 0.60.0 (#1148)
This commit is contained in:
parent
25ea7ac6b4
commit
f13a88feb5
6 changed files with 58 additions and 18 deletions
|
@ -478,11 +478,11 @@ func displayDNSHelp(name string) error {
|
||||||
ew.writeln()
|
ew.writeln()
|
||||||
|
|
||||||
ew.writeln(`Credentials:`)
|
ew.writeln(`Credentials:`)
|
||||||
ew.writeln(` - "DNSIMPLE_BASE_URL": API endpoint URL`)
|
|
||||||
ew.writeln(` - "DNSIMPLE_OAUTH_TOKEN": OAuth token`)
|
ew.writeln(` - "DNSIMPLE_OAUTH_TOKEN": OAuth token`)
|
||||||
ew.writeln()
|
ew.writeln()
|
||||||
|
|
||||||
ew.writeln(`Additional Configuration:`)
|
ew.writeln(`Additional Configuration:`)
|
||||||
|
ew.writeln(` - "DNSIMPLE_BASE_URL": API endpoint URL`)
|
||||||
ew.writeln(` - "DNSIMPLE_POLLING_INTERVAL": Time between DNS propagation check`)
|
ew.writeln(` - "DNSIMPLE_POLLING_INTERVAL": Time between DNS propagation check`)
|
||||||
ew.writeln(` - "DNSIMPLE_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`)
|
ew.writeln(` - "DNSIMPLE_PROPAGATION_TIMEOUT": Maximum waiting time for DNS propagation`)
|
||||||
ew.writeln(` - "DNSIMPLE_TTL": The TTL of the TXT record used for the DNS challenge`)
|
ew.writeln(` - "DNSIMPLE_TTL": The TTL of the TXT record used for the DNS challenge`)
|
||||||
|
|
|
@ -18,9 +18,12 @@ Configuration for [DNSimple](https://dnsimple.com/).
|
||||||
|
|
||||||
- Code: `dnsimple`
|
- Code: `dnsimple`
|
||||||
|
|
||||||
{{% notice note %}}
|
Here is an example bash command using the DNSimple provider:
|
||||||
_Please contribute by adding a CLI example._
|
|
||||||
{{% /notice %}}
|
```bash
|
||||||
|
DNSIMPLE_OAUTH_TOKEN=1234567890abcdefghijklmnopqrstuvwxyz \
|
||||||
|
lego --dns dnsimple --domains my.domain.com --email my@email.com run
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -29,7 +32,6 @@ _Please contribute by adding a CLI example._
|
||||||
|
|
||||||
| Environment Variable Name | Description |
|
| Environment Variable Name | Description |
|
||||||
|-----------------------|-------------|
|
|-----------------------|-------------|
|
||||||
| `DNSIMPLE_BASE_URL` | API endpoint URL |
|
|
||||||
| `DNSIMPLE_OAUTH_TOKEN` | OAuth token |
|
| `DNSIMPLE_OAUTH_TOKEN` | OAuth token |
|
||||||
|
|
||||||
The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
|
The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
|
||||||
|
@ -40,6 +42,7 @@ More information [here](/lego/dns/#configuration-and-credentials).
|
||||||
|
|
||||||
| Environment Variable Name | Description |
|
| Environment Variable Name | Description |
|
||||||
|--------------------------------|-------------|
|
|--------------------------------|-------------|
|
||||||
|
| `DNSIMPLE_BASE_URL` | API endpoint URL |
|
||||||
| `DNSIMPLE_POLLING_INTERVAL` | Time between DNS propagation check |
|
| `DNSIMPLE_POLLING_INTERVAL` | Time between DNS propagation check |
|
||||||
| `DNSIMPLE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
|
| `DNSIMPLE_PROPAGATION_TIMEOUT` | Maximum waiting time for DNS propagation |
|
||||||
| `DNSIMPLE_TTL` | The TTL of the TXT record used for the DNS challenge |
|
| `DNSIMPLE_TTL` | The TTL of the TXT record used for the DNS challenge |
|
||||||
|
@ -47,6 +50,21 @@ More information [here](/lego/dns/#configuration-and-credentials).
|
||||||
The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
|
The environment variable names can be suffixed by `_FILE` to reference a file instead of a value.
|
||||||
More information [here](/lego/dns/#configuration-and-credentials).
|
More information [here](/lego/dns/#configuration-and-credentials).
|
||||||
|
|
||||||
|
## Description
|
||||||
|
|
||||||
|
`DNSIMPLE_BASE_URL` is optional and must be set to production (https://api.dnsimple.com).
|
||||||
|
if `DNSIMPLE_BASE_URL` is not defined or empty, the production URL is used by default.
|
||||||
|
|
||||||
|
While you can manage DNS records in the [DNSimple Sandbox environment](https://developer.dnsimple.com/sandbox/),
|
||||||
|
DNS records will not resolve and you will not be able to satisfy the ACME DNS challenge.
|
||||||
|
|
||||||
|
To authenticate you need to provide a valid API token.
|
||||||
|
HTTP Basic Authentication is intentionally not supported.
|
||||||
|
|
||||||
|
### API tokens
|
||||||
|
|
||||||
|
You can [generate a new API token](https://support.dnsimple.com/articles/api-access-token/) from your account page.
|
||||||
|
Only Account API tokens are supported, if you try to use an User API token you will receive an error message.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
2
go.mod
2
go.mod
|
@ -17,7 +17,7 @@ require (
|
||||||
github.com/cenkalti/backoff/v4 v4.0.0
|
github.com/cenkalti/backoff/v4 v4.0.0
|
||||||
github.com/cloudflare/cloudflare-go v0.10.2
|
github.com/cloudflare/cloudflare-go v0.10.2
|
||||||
github.com/cpu/goacmedns v0.0.2
|
github.com/cpu/goacmedns v0.0.2
|
||||||
github.com/dnsimple/dnsimple-go v0.30.0
|
github.com/dnsimple/dnsimple-go v0.60.0
|
||||||
github.com/exoscale/egoscale v0.18.1
|
github.com/exoscale/egoscale v0.18.1
|
||||||
github.com/google/go-querystring v1.0.0
|
github.com/google/go-querystring v1.0.0
|
||||||
github.com/gophercloud/gophercloud v0.3.0
|
github.com/gophercloud/gophercloud v0.3.0
|
||||||
|
|
4
go.sum
4
go.sum
|
@ -95,8 +95,8 @@ github.com/dimchansky/utfbom v1.1.0 h1:FcM3g+nofKgUteL8dm/UpdRXNC9KmADgTpLKsu0TR
|
||||||
github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8=
|
github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8=
|
||||||
github.com/dnaeon/go-vcr v0.0.0-20180814043457-aafff18a5cc2 h1:G9/PqfhOrt8JXnw0DGTfVoOkKHDhOlEZqhE/cu+NvQM=
|
github.com/dnaeon/go-vcr v0.0.0-20180814043457-aafff18a5cc2 h1:G9/PqfhOrt8JXnw0DGTfVoOkKHDhOlEZqhE/cu+NvQM=
|
||||||
github.com/dnaeon/go-vcr v0.0.0-20180814043457-aafff18a5cc2/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E=
|
github.com/dnaeon/go-vcr v0.0.0-20180814043457-aafff18a5cc2/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E=
|
||||||
github.com/dnsimple/dnsimple-go v0.30.0 h1:IBIrn9jMKRMwporIRwdFyKdnHXVmwy6obnguB+ZMDIY=
|
github.com/dnsimple/dnsimple-go v0.60.0 h1:N+q+ML1CZGf+5r4udu9Opy7WJNtOaFT9aM86Af9gLhk=
|
||||||
github.com/dnsimple/dnsimple-go v0.30.0/go.mod h1:O5TJ0/U6r7AfT8niYNlmohpLbCSG+c71tQlGr9SeGrg=
|
github.com/dnsimple/dnsimple-go v0.60.0/go.mod h1:O5TJ0/U6r7AfT8niYNlmohpLbCSG+c71tQlGr9SeGrg=
|
||||||
github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs=
|
github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs=
|
||||||
github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU=
|
github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU=
|
||||||
github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I=
|
github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I=
|
||||||
|
|
|
@ -75,6 +75,7 @@ func NewDNSProviderConfig(config *Config) (*DNSProvider, error) {
|
||||||
|
|
||||||
ts := oauth2.StaticTokenSource(&oauth2.Token{AccessToken: config.AccessToken})
|
ts := oauth2.StaticTokenSource(&oauth2.Token{AccessToken: config.AccessToken})
|
||||||
client := dnsimple.NewClient(oauth2.NewClient(context.Background(), ts))
|
client := dnsimple.NewClient(oauth2.NewClient(context.Background(), ts))
|
||||||
|
client.SetUserAgent("go-acme/lego")
|
||||||
|
|
||||||
if config.BaseURL != "" {
|
if config.BaseURL != "" {
|
||||||
client.BaseURL = config.BaseURL
|
client.BaseURL = config.BaseURL
|
||||||
|
@ -98,7 +99,7 @@ func (d *DNSProvider) Present(domain, token, keyAuth string) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
recordAttributes := newTxtRecord(zoneName, fqdn, value, d.config.TTL)
|
recordAttributes := newTxtRecord(zoneName, fqdn, value, d.config.TTL)
|
||||||
_, err = d.client.Zones.CreateRecord(accountID, zoneName, recordAttributes)
|
_, err = d.client.Zones.CreateRecord(context.Background(), accountID, zoneName, recordAttributes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("dnsimple: API call failed: %w", err)
|
return fmt.Errorf("dnsimple: API call failed: %w", err)
|
||||||
}
|
}
|
||||||
|
@ -122,7 +123,7 @@ func (d *DNSProvider) CleanUp(domain, token, keyAuth string) error {
|
||||||
|
|
||||||
var lastErr error
|
var lastErr error
|
||||||
for _, rec := range records {
|
for _, rec := range records {
|
||||||
_, err := d.client.Zones.DeleteRecord(accountID, rec.ZoneID, rec.ID)
|
_, err := d.client.Zones.DeleteRecord(context.Background(), accountID, rec.ZoneID, rec.ID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
lastErr = fmt.Errorf("dnsimple: %w", err)
|
lastErr = fmt.Errorf("dnsimple: %w", err)
|
||||||
}
|
}
|
||||||
|
@ -150,7 +151,7 @@ func (d *DNSProvider) getHostedZone(domain string) (string, error) {
|
||||||
|
|
||||||
zoneName := dns01.UnFqdn(authZone)
|
zoneName := dns01.UnFqdn(authZone)
|
||||||
|
|
||||||
zones, err := d.client.Zones.ListZones(accountID, &dnsimple.ZoneListOptions{NameLike: zoneName})
|
zones, err := d.client.Zones.ListZones(context.Background(), accountID, &dnsimple.ZoneListOptions{NameLike: &zoneName})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", fmt.Errorf("API call failed: %w", err)
|
return "", fmt.Errorf("API call failed: %w", err)
|
||||||
}
|
}
|
||||||
|
@ -182,7 +183,7 @@ func (d *DNSProvider) findTxtRecords(domain, fqdn string) ([]dnsimple.ZoneRecord
|
||||||
|
|
||||||
recordName := extractRecordName(fqdn, zoneName)
|
recordName := extractRecordName(fqdn, zoneName)
|
||||||
|
|
||||||
result, err := d.client.Zones.ListRecords(accountID, zoneName, &dnsimple.ZoneRecordListOptions{Name: recordName, Type: "TXT", ListOptions: dnsimple.ListOptions{}})
|
result, err := d.client.Zones.ListRecords(context.Background(), accountID, zoneName, &dnsimple.ZoneRecordListOptions{Name: &recordName, Type: dnsimple.String("TXT"), ListOptions: dnsimple.ListOptions{}})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("API call has failed: %w", err)
|
return nil, fmt.Errorf("API call has failed: %w", err)
|
||||||
}
|
}
|
||||||
|
@ -190,12 +191,12 @@ func (d *DNSProvider) findTxtRecords(domain, fqdn string) ([]dnsimple.ZoneRecord
|
||||||
return result.Data, nil
|
return result.Data, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func newTxtRecord(zoneName, fqdn, value string, ttl int) dnsimple.ZoneRecord {
|
func newTxtRecord(zoneName, fqdn, value string, ttl int) dnsimple.ZoneRecordAttributes {
|
||||||
name := extractRecordName(fqdn, zoneName)
|
name := extractRecordName(fqdn, zoneName)
|
||||||
|
|
||||||
return dnsimple.ZoneRecord{
|
return dnsimple.ZoneRecordAttributes{
|
||||||
Type: "TXT",
|
Type: "TXT",
|
||||||
Name: name,
|
Name: &name,
|
||||||
Content: value,
|
Content: value,
|
||||||
TTL: ttl,
|
TTL: ttl,
|
||||||
}
|
}
|
||||||
|
@ -210,7 +211,7 @@ func extractRecordName(fqdn, domain string) string {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (d *DNSProvider) getAccountID() (string, error) {
|
func (d *DNSProvider) getAccountID() (string, error) {
|
||||||
whoamiResponse, err := d.client.Identity.Whoami()
|
whoamiResponse, err := d.client.Identity.Whoami(context.Background())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
|
@ -4,13 +4,34 @@ URL = "https://dnsimple.com/"
|
||||||
Code = "dnsimple"
|
Code = "dnsimple"
|
||||||
Since = "v0.3.0"
|
Since = "v0.3.0"
|
||||||
|
|
||||||
Example = ''''''
|
Example = '''
|
||||||
|
DNSIMPLE_OAUTH_TOKEN=1234567890abcdefghijklmnopqrstuvwxyz \
|
||||||
|
lego --dns dnsimple --domains my.domain.com --email my@email.com run
|
||||||
|
'''
|
||||||
|
|
||||||
|
Additional = '''
|
||||||
|
## Description
|
||||||
|
|
||||||
|
`DNSIMPLE_BASE_URL` is optional and must be set to production (https://api.dnsimple.com).
|
||||||
|
if `DNSIMPLE_BASE_URL` is not defined or empty, the production URL is used by default.
|
||||||
|
|
||||||
|
While you can manage DNS records in the [DNSimple Sandbox environment](https://developer.dnsimple.com/sandbox/),
|
||||||
|
DNS records will not resolve and you will not be able to satisfy the ACME DNS challenge.
|
||||||
|
|
||||||
|
To authenticate you need to provide a valid API token.
|
||||||
|
HTTP Basic Authentication is intentionally not supported.
|
||||||
|
|
||||||
|
### API tokens
|
||||||
|
|
||||||
|
You can [generate a new API token](https://support.dnsimple.com/articles/api-access-token/) from your account page.
|
||||||
|
Only Account API tokens are supported, if you try to use an User API token you will receive an error message.
|
||||||
|
'''
|
||||||
|
|
||||||
[Configuration]
|
[Configuration]
|
||||||
[Configuration.Credentials]
|
[Configuration.Credentials]
|
||||||
DNSIMPLE_OAUTH_TOKEN = "OAuth token"
|
DNSIMPLE_OAUTH_TOKEN = "OAuth token"
|
||||||
DNSIMPLE_BASE_URL = "API endpoint URL"
|
|
||||||
[Configuration.Additional]
|
[Configuration.Additional]
|
||||||
|
DNSIMPLE_BASE_URL = "API endpoint URL"
|
||||||
DNSIMPLE_POLLING_INTERVAL = "Time between DNS propagation check"
|
DNSIMPLE_POLLING_INTERVAL = "Time between DNS propagation check"
|
||||||
DNSIMPLE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
|
DNSIMPLE_PROPAGATION_TIMEOUT = "Maximum waiting time for DNS propagation"
|
||||||
DNSIMPLE_TTL = "The TTL of the TXT record used for the DNS challenge"
|
DNSIMPLE_TTL = "The TTL of the TXT record used for the DNS challenge"
|
||||||
|
|
Loading…
Reference in a new issue